I've read the Ruby implementation a lot to figure out how some things work, I've also read the Go version to see some of their implementation and I obviously know the Rust version, having a couple of my commits there. Now as for the commit reviewing, it's totally doable actually. So I'd actually disagree with the sentiment there a bit. While I believe Kyle does everything right, in my opinion the only way to be really sure that there are backups and the server is secured is when you self-host it. Hi, bitwarden_rs (the Rust version) collaborator here. I don't really see a point in hosting the official server implementation, so if I decide to drop my own server for any reason, I'll probably switch to using the public service. Since I enjoy this kind of stuff, I'll keep rolling bitwarden_rs. They support a few extra features that unofficial servers don't support. At the moment I don't need any of the premium features and both self-hosting (any server implementation) or using the publicly-hosted service would work for my needs. You don't have to worry about the service reliability. Only the official server (including a self-hosted one) can automatically push changes (see ). The public servers seem to have some advantages as well: get unlimited storage for encrypted files (this also applies to self-hosting the official server implementation). With self-hosting (an unofficial server) you: The Bitwarden server implementation I'm using uses a SQLite database, so it's going to be pretty easy to back up its data. I was not sure about using Azure, while I understood the same for the other points. If I am wrong, please chime in and correct me. So, I feel like Bitwarden hosted with a sufficiently strong password + 2FA is more than enough protection.
On top of that, if you have 2FA turned on, then they would also need your 2FA code. Get a hold of your password from you, which would require either a social engineering attack, or hacking your PC and installing a key logger. Hack the Microsoft Azure cloud to get your encrypted blob. To successfully get at your Bitwarden data an attacker would need to: If you do self-host Bitwarden, you need to find a way to back up your data, which is going to add to costs. They would need to either brute force it, or use social engineering to get your password out of you. The data is end-to-end encrypted, so the Bitwarden "cloud" infrastructure doesn't have your keys on it to decrypt your data. On top of that, if they do get hacked, the best the hackers could steal is an encrypted blob. The Azure cloud thing adds to some level of expertise in security that Bitwarden alone would not have if they ran their own servers. Plus, they don't have "servers," they're using Microsoft's Azure Cloud for everything. But when I look at how Bitwarden has set up its architecture, I'm wondering if there's a point. Bitwarden basically stores an end-to-end encrypted blob on their servers.